Compile it on your own. You complain about Debian testing, while using Samba 4?! That sounds odd as the website of Samba states: "Samba 4 is currently not yet in a state where it can replace existing production deployments."
–
mailqJul 2 '12 at 22:52

I was not complaining, I was wanting to keep experimental software to a minimum. I do however require the GPO functionality of Samba4.
–
VisionIncisionJul 2 '12 at 22:56

This will install the latest bind in /opt/bind so it won't conflict with the current system packages. If you want some extra features or non stadard options just read the README in the source directory.

The last command will fetch the source package to the current directory and try to build it. If it is successful, you'll have new .deb files in the current directory when it is finished which you can install with dpkg -i

because it keeps you from also installing dependencies from testing. Since packages from testing are far more likely to be buggy, and testing gets no security support, the fewer packages installed from testing the better.
–
stewJul 2 '12 at 23:49

for example, for this package, he would have to upgrade his openssl libraries to the testing versions, my way he instead compiles against the openssl already in stable and therefore doesn't lose security support for openssh
–
stewJul 2 '12 at 23:53

Only if it works with the old version of the libs...
–
Christopher PerrinJul 5 '12 at 8:01

If it doesn't, then the Build-Depends: of the package are mis-declared. The build-depends of the testing/unstable bind9 source package are currently satisfiable in stable. In the case when one is backporting and not all the Build-Depends are satisfiable in stable, one can often just first backport those.
–
stewJul 5 '12 at 11:23